This is not necessarily the case with the notabug approach if you can trust the code instead. You can run your own local copy of the js app, and/or you can verify in the browser that the app is not talking to or saying anything it shouldn't.

It's totally a valid concern, but the reasoning behind this approach makes javascript a necessary evil at this stage.

Other distributed aggregator projects like aether require software downloads, and I think that is a heavy barrier to entry.

Notabug users still have the option to use local software and if the gun protocol is ported to other languages it should be possible for different client builds to interact.